[PDF]MOVING TO THE CLOUD: Tips for Successful Change...
0 downloads
132 Views
10MB Size
MOVING TO THE CLOUD: Tips for Successful Change Management
Heiko Spallek Khalil Yazdi David Rankin Lynn Johnson
1
Internet2 and Internet2 NET+ Services 2
Cloud Promise and Challenges Customized Solutions?
compliance with HIPAA/FERPA
CAPEX to OPEX
Reduced administrative overhead: Restructuring administrative processes “automated provisioning”
Scale, Elastic Speed
Volume of acquisition “Green” benefits
innovative approaches?
Individual/institution has minimal impact
vendor “lock in” commodity services
Use what you need
Focus on local specialization not ‘hybrid’ environments plumbing IT acquisition approaches Who supports students, faculty and staff? security, data privacy and accessibility 3
Founded
INTERNET2 Powered by Community …
In 1996 by research universities to take self- responsibility for providing a data networking environment that would not otherwise exist, or exist as and when the community of scholars needed it
Mission Develop and deploy advanced network applications and technologies, accelerating the creation of tomorrow’s Internet
Goals
Accelerating Research & Education through Innovation
• Enable new generation of applications • Re-create leading edge R&E network capability • Transfer technology and experience to the global production Internet
Community • R&E member institutions, affiliates, agencies, etc.. • Rich and complex regional network community • Global NREN community 4
The R&E Network
262+ Universities 80+ Corporations 70+ Government agencies 42 Regional & state networks 65+ International R&E networks
5 February 27, 2015
© 2013 Internet2
Building a “Brokered Community Cloud” The R&E Community acting on its own behalf LEVERAGING COMMUNITY ASSETS COMPLETE CLOUD DEPLOYMENT PLATFORM FOR THE ACADEMY
SCALABLE AND AGILE TO MEET BROAD USER MOBILITY NEEDS
TRUSTED STANDARDS, INTEGRATED IDENTITY AND ADVANCED NETWORK DELIVERY 6
What is Internet2 NET+ Services all about? A partnership to provide a portfolio of solutions for Internet2 member organizations that are cost-effective, easy to access, simple to administer, and tailored to the unique, shared needs of the community: • Define a new generation of value-added services • Leverage the Internet2 R&E Network and other services such as InCommon • Drive down the costs of provisioning/consuming services • Provide a strategic partnership with service providers (new service offerings). • Leverage community scale for better pricing and terms • Develop solutions that meet performance, usability, and security requirements • Provide a single point of contracting and provisioning 7
Cloud Service Portfolios for Higher Ed
RESPONSIVE, ACCELERATED CLOUD PLATFORM
• • • • • • • •
Trust & Identity Software As A Service Infrastructure, Platform, Security Video, Voice & Collaboration Digital Content For Research & Education
Peer Validated Security Performance and Accessibility Standards from over 260 CIOs Input from University General Counsel and Procurement Officers
8
HOW IT WORKS Requirements of Service Providers •
Identified Sponsor: CIO or other senior executive from a member institution
•
Membership in Internet2 and InCommon Federation
•
Adoption of InCommon -Shibboleth/SAML2.0 and Connection of services to the R&E Network
•
Completion of the Internet2 NET+ Cloud Control Matrix
•
Commitment to: ▪ A formal Service Validation with 5-7 member institutions ▪ Enterprise wide offerings and best pricing at community scale ▪ Establishing a service advisory board for each service offering ▪ Community business terms (Internet2 NET+ Business and Customer agreements) ▪ support the community’s security, privacy, compliance and accessibility obligations
•
Willingness to work with the Internet2 community to customize services to meet the unique needs of education and research
9
GET INVOLVED IN THE
NET+ SERVICE LIFECYCLE
Sponsored by Community Members
Designed by participating campuses, providers and Internet2
Subscription by Community Members, Regional and Global partners
All delivered at global scale, tailored to R&E needs, and benefitting all participating institutions 10
NET+ Service Validation Components •
Functional Assessment
•
– Review features and functionality – Tune service for research and education community
•
•
o Legal: customized agreement using NET+ community contract templates o Business model o Define pricing and value proposition
Technical Integration – Network: determine optimal connection and optimize service to use the Internet2 R&E network – Identity: InCommon integration
Security and Compliance – Security assessment: Cloud Controls Matrix – FERPA, HIPAA, privacy, data handling – Accessibility
Business
•
Deployment o Documentation o Use cases o Support model
11
COMMUNITY -DRIVEN CLOUD SINCE 2010
4
2 services launched in General Availability
NET+ Designed
13 founding campuses
2010
to leverage community engagement and community assetsInCommon and the Internet2 R&E Network
2011
8
Services in General Availability
6
50+
In Early Adoption
services launched
14
300+
In Service Validation
campuses participating
6
7.8m
650+
In Service Validation
User Identities via InCommon
Cloud Service subscriptions
In Early Adoption
2012
2013
2014
12
Internet2 NET+ Services: Current Engagements
13 Updated September 2014
Examples of Cloud Services Deployed at Scale Leveraging community developed offerings, preferred pricing and business terms
100+ universities cloud storage and collaboration campus-wide (18 months) 40+ universities leveraging the NET+ Splunk offering (6 months) 20+ universities moved their LMS to Instructure’s Canvas (6 months) 15+ universities leveraging Code42’s CrashPlan offering (12 months)
14
Dimensions of Realized Benefit • Cost Avoidance • Lower pricing • Lower procurement cost/effort • Community based due-diligence • Enhanced Value • Favorable terms • Better alignment with local IT architecture • Provides competitive options as the number of providers in each portfolio services category increases • Future Proofing (lower risk) • Strategic engagement with provider at community scale • Leveraging community purchasing power 15
http://www.internet2.edu/cloud-services/
16
http://www.internet2.edu/netplus/faq
17
The Perils of Customization Heiko Spallek, DMD, PhD, MSBA(CIS) University of Pittsburgh, School of Dental Medicine Associate Dean, Office of Faculty Affairs Executive Director, Center for Informatics in Oral Health Translational Research Associate Professor, Dental Public Health
The EHR Evolution uniqueness of EHR solution commoditization ubiquity
IT
= transport mechanism for digital information
EHR = transport mechanism for patient information
transport mechanisms benefit from interoperability (think railroad!)
Is Uniqueness Worth the Cost?
But we are unique…
customization selling point adoption of best practice efficiency, quality
ABC Standard
Customized: Good luck!
Customization Problems ● ● ● ● ●
no upgrades to retain customization re-develop customized functionality regression testing warranty issues HR problems
Reasons for Adopting Standards 1. 2. 3. 4.
Research, e.g. Big Data Interoperability, e.g. EDR <—> EMR Learning Health System Meaningful Use
Example: unique storage to common storage $12,000/year
$2,000/year
ADA Standards Committee for Dental Informatics (SCDI)
IT Governance @ University of Michigan Lynn Johnson, PhD Associate Dean
Dental Informatics Advisory Group (DIAG) •1 Faculty from each department •2 Students •2 Staff •Dental Informatics staff as needed •Chair is Associate Dean Charge •Set priorities •Research and reviewer products
Philosophy: Cloud services that are “Best of Breed” •Don’t want to be “locked in” like Comcast! ☺ •De-coupling the services •Select services in which we can exchange data (Web Services) •Research, research, research
Movement to cloud University of Michigan
• Google Apps • Box • Amazon Web Services • eduroam • Foliotek*
School of Dentistry • eCurriculum • eClass • Televox • Lexicomp • DataMotion • Pentaho
Movement to Cloud: Services under consideration School of University of Dentistry Michigan • Service Now • Canvas • DuoSecurity
• Lab Archives • DocuSign
Process (for Clinical Grading)
DIAG sets Priorities
Research
Approval
Televox
Reports
(reminders)
axiUm DataMotion (Secure Email)
EHR
Scheduling
Lexicomp
Billing
eClass (Clinical Assessment)
Clinical Research
(drug database)
Mobile
Televox
DataMotion (Secure Email)
Reports
EHR
ePrescrition
Scheduling Lexicomp (drug database
Billing
eClass (Clinical Assessment)
Clinical Research
Mobile
Hospital Integration
Getting there: Setting Priorities • We took a survey! • We decided to make priorities based on: Priority
Fills Meaningful Use need Pre-requisite to other need High personnel impact High financial impact Fill Accreditation needs Function in place vs. currently unmet Other
Ranking
3.8 3.6 3.5 3.0 2.8 2.7 0.0
Getting there: Setting Priorities Function Student Grading (???) Secure Correspondence (DataMotion) Other (Lab Archives, DuoSecurity, DocuSign) EHR (ICE Health Systems) Instrumentation System Digital Imaging E-Prescriptions Finance Learning Management System Credentialing System ePortfolio
Rank 1.7 2.5 4.0 4.2 4.3 5.0 5.3 6.0 6.5 7.0 7.3
How UNC Chapel Hill is addressing the shifting sands of increased Cloud Security By David B. Rankin, MS, Certificate in Information Assurance IT Director, UNC School of Dentistry
The Clouds at UNC Chapel Hill • Private Cloud – Hosted on premise at UNC • Public Cloud – Purchased from a vendor or using free services like Google, Microsoft, etc.
Private Cloud @ UNC-CH Hosted on premise at UNC • Central IT - http://its.unc.edu/services/ – Hosting Services (Citrix, VMWare) – Research Computing Clusters – SAKAI
• Departments and Schools – VMWare – Citrix and Microsoft Terminal Services – Other
Public Cloud @ UNC-CH Hosted at a Vendor’s location • Google Services (Mail, Docs, Drive, etc.) • HeelMail (Email for Students) • Qualtrics (Survey software) • Qualys (Security and Vulnerability Scanning) • Gartner Portal (Technology Research) • Microsoft IT Academy (eLearning for Microsoft products)
Security, Policy and Compliance @ UNC-CH • How do we ensure that qualified people are operating the servers that house the University’s data? • How do we secure the University information? • How do we mitigate risk? • How do we ensure compliance with University policies, State statutes and Federal laws. http://help.unc. edu/help/what-issensitive-data/
Private Cloud Vetting • UNC Security Policies • UNC Systems Administrator Initiative (SAI) • Inventory of Sensitive Data Servers • Qualys Scanning of Sensitive Servers
Public Cloud Vetting • University Purchasing • University General Counsel • Central IT – Security – Technology
UNC Private Cloud Security Standards • 3rd Party Audit of Vendor using CCM standard • SOC2 • ISO 27001
Conclusion UNC Chapel Hill is responsible for the security of its data. Where it is hosted or how does not matter.